We performed a comparison between Fortinet FortiWeb and Qualys VMDR based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF)."Both the internal firewall management and the cloud can be managed by a single console."
"The initial setup is pretty straightforward."
"The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
"L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code."
"Fortinet is a great SD-WAN player when it comes to security capabilities."
"The solution is stable."
"The support services, performance, and pricing are all valuable features. The performance is excellent."
"High-performance and detection engines, provide a high rate of exposure of web attacks."
"The reporting is fine."
"Technical support is great and we've never really had a problem."
"Tech support is helpful."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"It's really beneficial for scanning and interacting with the agent."
"Great web application security for scanning."
"The features that are most valuable are the identification, scan features, and the identification of vulnerabilities."
"I like Qualys because it is a very complete product, more so than Tenable."
"The integration with other products should be improved."
"The solution could improve by providing more integration with solutions other than the Fortinet family."
"I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device."
"Fortinet WAF came out recently, and there is not much feedback about customer experience. For each project, customers ask about the scenarios and references of the customers who have implemented this solution, which we don't have. They need to simplify the customer experience and provide more information so that we can propose Fortinet Fortiweb as a WAF solution to customers and convince them. They need to improve their service and training. We need good training to implement and use it properly and know more about it. We still don't know much about Fortinet WAF. We didn't get any proper training sessions. Other vendors like Cisco, Palo Alto, Check Point, and Barracuda provide such sessions. Whenever we receive a request from a customer for this solution, we just give the price. We don't propose this solution because we don't know much about it. We propose whatever we are familiar with and what is supported."
"A better load balancer is needed when multiple servers are used for the same website."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"HA Architecture needs improvement. I would improve it by working on AP HA."
"Centralized management of multiple devices, and GUI improvement, could reduce the learning curve."
"Could use additional security for the app."
"They're still evolving their platform in terms of reporting capabilities."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
"Qualys could improve the inbuilt dashboards."
"I would like to see this solution more developed and competitive in the Cloud space."
"Qualys VM's vulnerability scan could be improved, especially the number of CVE numbers it can manage at a time."
"Qualys currently does not have any features for scanning SCADA, IoT, and Industrial Control Systems."
"Qualys VM's machine learning and artificial intelligence features could be improved."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 76 reviews. Fortinet FortiWeb is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
